Vulnerabilities > Iterm2 > High

DATE CVE VULNERABILITY TITLE RISK
2019-11-17 CVE-2019-19022 Information Exposure vulnerability in Iterm2
iTerm2 through 3.3.6 has potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist, which might allow remote attackers to obtain sensitive information, as demonstrated by searching for the NoSyncSearchHistory string in .plist files within public Git repositories.
network
low complexity
iterm2 CWE-200
7.5
2017-09-20 CVE-2015-9231 Information Exposure vulnerability in Iterm2
iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries.
network
low complexity
iterm2 CWE-200
7.5